At Cisco Meraki, we know that technology can connect us, empower us, and drive us. By simplifying powerful technology we can free hardworking people to focus on their mission. As the fastest-growing cloud-managed networking team in the world, our products and technology architecture are changing the face of enterprise networking and making cloud-managed IT a reality!

Our Meraki Security organization provides critical cybersecurity and business protection to Meraki and our customers globally. Our mission is to earn and maintain customer trust by protecting, defending, and improving the security of Meraki products, systems, and services. In order to support a global customer base the Meraki Insider Risk Team is a fully remote team with employees in multiple locations and time zones.

As a direct report of the Head of Threat Management, you will be responsible for Cisco Meraki's insider threat operation. You will lead, coordinate, and deliver security program achievements by communicating with stakeholders across security and engineering. Required to support other security teams in driving business-friendly security and process improvements. The program you run will have a direct, immediate, and positive impact on our internal security, external customers, and the hundreds of millions of users that use and rely on Meraki access points, switches, security appliances, and cameras every single day.

We are passionate about building real products that our customers love. We believe in fostering a positive culture by hiring, mentor, and empowering thoughtful, conducive, humble people. With the support of management, we constantly look within for ways to improve organizationally. Finally, we maintain a positive relationship with Cisco that gives us the stability and resources of a larger company without sacrificing our startup vibe!

Key responsibilities:

• Responsible for leading insider threat investigations within Meraki
• Responsible for providing timely investigation summaries to relevant stakeholders such as Cisco Employment Legal, Meraki Legal, and Meraki Security Leadership
• Own the insider risk management program at Meraki
• Review logs, conduct threat hunts, and work with our Detection Engineering team to further enhance our proactive monitoring and alerting
• Lead tabletop exercises with key stakeholders and partners
• Develop metrics around Insider Risk monitoring, detection, and forecasting
• Work with sister security teams to reduce threat surface areas and raise security awareness
• Create runbooks and procedures for Tier 1 analysts to triage alerts
• Evaluate, recommend, and improve upon existing technical and non-technical solutions to detect and respond to potential insider threats

You are an ideal candidate if you:

• Are a US Citizen or US Green Card holder
• Have a minimum of 12 years of experience with a background in law enforcement, military, defense, or government operations supporting an insider risk program and/or conducting sophisticated threat or counterintelligence investigations to include experience in investigative and informational interviews.
• Are knowledgeable of National and Federal Agency regulations pertaining to Insider Threat programs
• Have relevant insider threat industry certifications such as Insider Threat Program Manager, CCITP-A (Certified Counter-Insider Threat Professional - Analysis) or CCITP-F)
• Have experience with UAM, SIEM, DLP, and UEBA technologies
• Have an executive presence with superb communication skills and ability to collaborate with multiple teams and intelligence source groups both internal and external to the organization
• Possess previous people management and leadership experience
• Have experience building and leading impactful security programs and teams
• Have experience responding to high severity investigations and interviewing insider risk actors, witnesses, and impacted individuals

Bonus points for:

• Professional experience in Information Security and/or Digital Forensics and relevant certifications
• Able to write custom query logic for major SIEM tools
• The ability to write SQL to search data warehouse databases

About Meraki:

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.

At Cisco Meraki, we're challenging the status quo with the power of diversity, inclusion, and collaboration. When we connect different perspectives, we can imagine new possibilities, inspire innovation, and release the full potential of our people. We're building an employee experience that includes appreciation, belonging, growth, and purpose for everyone.

#LI-Remote